Overview

This article analyzes the incident affecting Sentiment that took place at 17:50 UTC on 4 April 2023. This postmortem is the result of discussions with Zach, Alex, WatchPug and Sherlock, and builds upon their analyses. We thank them for their support throughout the process.

Root Cause Analysis

The root cause is a view-only (read-only) reentrancy bug exposed in Balancer pools when removing liquidity with ETH as one of the return tokens. Because the entry point is a non-mutating view call, it could not be protected by a reentrancy guard, allowing the caller to take control of execution and run arbitrary code.

During liquidity withdrawal operations ("exit pool"), Balancer first burns the LP tokens (BPTs) and transfers funds to the user before updating its internal balances. Since this ordering does not follow the checks-effects-interactions (CEI) pattern, it results in an intermediate state where the totalSupply() of the BPTs has already been reduced and some of the tokens may already have been transferred, but the internal asset balances are yet to be updated.

Typically the intermediate state described above is harmless because there is no way to exploit it. Unfortunately, this is not the case when one of the return tokens is ETH: Balancer uses a low-level call() to transfer ETH to the caller, which allows the caller to reenter and take control of execution in the intermediate state, while the internal balances are inaccurate as described above.
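As an added illustration (not Balancer's or Sentiment's code), the following minimal Solidity model contrasts the exit ordering described above with a CEI-ordered exit, and shows a view that refuses to report a rate while the pool's mutex is held; the contract, its functions and the single-asset ETH pool are hypothetical simplifications.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative model only (not Balancer's code): a single-asset ETH pool whose
// per-LP-token rate is derived from internal accounting, as the postmortem describes.
contract ExitOrderingDemo {
    uint256 public totalSupply;                   // LP tokens outstanding
    uint256 public internalEth;                   // pool's accounted ETH balance
    mapping(address => uint256) public balanceOf; // LP balances
    uint256 private locked;                       // mutex for mutating entry points

    modifier nonReentrant() { require(locked == 0, "reentrant"); locked = 1; _; locked = 0; }

    constructor() payable { totalSupply = msg.value; internalEth = msg.value; balanceOf[msg.sender] = msg.value; }

    // Rate an oracle would read. Being a view, the mutex does not stop it being
    // called while an exit is in flight, so it can observe the intermediate state.
    function getRate() external view returns (uint256) {
        return internalEth * 1e18 / totalSupply;
    }

    // Ordering described in the postmortem: burn, pay out via call(), THEN update
    // internal balances. During call() totalSupply is reduced but internalEth is
    // stale, so getRate() is inflated for whoever receives the ETH.
    function exitStale(uint256 lpAmount) external nonReentrant {
        uint256 ethOut = lpAmount * internalEth / totalSupply;
        balanceOf[msg.sender] -= lpAmount;   // reverts on underflow (checked math)
        totalSupply -= lpAmount;
        (bool ok, ) = msg.sender.call{value: ethOut}("");
        require(ok, "transfer failed");
        internalEth -= ethOut;               // effect applied after the interaction
    }

    // Checks-effects-interactions: all accounting settled before the external call,
    // so a reentrant getRate() sees a consistent state.
    function exitCei(uint256 lpAmount) external nonReentrant {
        uint256 ethOut = lpAmount * internalEth / totalSupply;
        balanceOf[msg.sender] -= lpAmount;
        totalSupply -= lpAmount;
        internalEth -= ethOut;
        (bool ok, ) = msg.sender.call{value: ethOut}("");
        require(ok, "transfer failed");
    }

    // Defensive read for price consumers: revert while the mutex is held, so the
    // value cannot be sampled mid-exit even through a view.
    function getRateChecked() external view returns (uint256) {
        require(locked == 0, "read-only reentrancy");
        return internalEth * 1e18 / totalSupply;
    }
}
```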
4/9/2023

Introduction

On Apr 4, 2023 a malicious transaction resulted in the unauthorized extraction of user funds from the Sentiment protocol. A technical postmortem will be released shortly. The exploiter converted all the ill-gotten funds to ETH and transferred the assets through several bridges from Arbitrum to Ethereum mainnet. After a series of negotiations, the exploiter returned 90% of the funds, and with the assistance of Sherlock, additional funds were recouped. Below is a detailed description of the plan to remove bad debt from the protocol and make Sentiment users whole. This plan is based on thoughtful consideration among advisors and core contributors, with the main objective of making Sentiment users whole.

Main Issue

In brief, the exploiter was able to manipulate oracle pricing for a Balancer LP token and exploit the Sentiment protocol to borrow against a maliciously inflated asset price. This allowed the exploiter to extract funds from Sentiment, leaving their Sentiment account with approximately $1,092,191.98 of bad debt at the time of the exploit. The accounting for the exploiter's account after the hack is as follows:

Debt
USDC = 463,920
USDT = 363,303
ETH = 81.63 (~$152,938.06)
4/7/2023